A *NEW* for-real ransom virus - please read

I'm not a tech blogger (on purpose, because god knows we have enough of them out there), but I'd be remiss if I didn't do my part to call attention to this new virus that encrypts your precious data with a 1024-bit encryption key, and demands a ransom be paid to get the decryption key.

Now, this isn't the weaksauce 128-bit version from '06, or the mediumsauce 660-bit key from last year. This one is ALL NEW for 2008, and even though the older versions could be decrypted, this one ain't quite there yet... And might not be there for a while.

Why do I say that? Well... It took Distributed.net 1,757 days across 331,252 individual computers working together to crack a 64-bit RC5 key. This is 1024-bit key on the same algorithm... So yeah. You pony up the dough, or your data's fucked.

The virus apparently infects PCs through unpatched browser exploits. The bottom line... PLEASE update your browser if you're on a PC. My suggestion, of course, is to start using FIREFOX if you're not, and keep it up to date with every new release. Trust me, if you're not using it and see changing as a big pain... It is, but within a week, you'll NEVER go back.

Please, at the very least, move from IE6 to IE7 and set up Windows Update to automatically update your machine. No matter how "evil" you see WGA as being, it's nowhere near as evil as having your sensitive data locked down with some 1024-bit encryption key and having to either a) wait or b) pay a ransom to get at it.

Just checking the stuff on my machine, if I were hit with this thing, This Is Not Art! Productions would be in a WORLD of hurt. Thankfully, with Jeremy's help, I've created a fairly fail-proof backup schema that incorporates Apple Time Machine on a remote drive, rsynch backup between the laptop and desktop, and off-site storage of all data nightly at Mozy.com. Also, thankfully, I don't use PCs anymore. But that's a whole other topic.

Seriously, update your stuff. Don't get jacked.